diff mbox series

[isar-cip-core] kas/opt: Restructure ebg-swu.yml and qemu-swupdate.yml

Message ID 20210507073005.26972-1-Quirin.Gylstorff@siemens.com (mailing list archive)
State New
Headers show
Series [isar-cip-core] kas/opt: Restructure ebg-swu.yml and qemu-swupdate.yml | expand

Commit Message

Quirin Gylstorff May 7, 2021, 7:30 a.m. UTC
From: Quirin Gylstorff <quirin.gylstorff@siemens.com>

The kas files ebg-swu.yml and qemu-swupdate.yml overlap in
some cases. Clarify their use by moving all efibootguard related
configuration to efibootguard.yml. Configuration items corresponding
with SWUpdate are moved to swupdate.yml. The option swupdate.yml is
independent of the bootloader/cpu-architecture.

Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
---
 doc/README.secureboot.md                    |  5 ++---
 kas/opt/ebg-secure-boot-base.yml            |  2 ++
 kas/opt/{ebg-swu.yml => efibootguard.yml}   | 12 ++++++------
 kas/opt/{qemu-swupdate.yml => swupdate.yml} | 10 +++++++---
 4 files changed, 17 insertions(+), 12 deletions(-)
 rename kas/opt/{ebg-swu.yml => efibootguard.yml} (66%)
 rename kas/opt/{qemu-swupdate.yml => swupdate.yml} (52%)

Comments

Jan Kiszka May 11, 2021, 1:28 p.m. UTC | #1
On 07.05.21 09:30, Quirin Gylstorff wrote:
> From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
> 
> The kas files ebg-swu.yml and qemu-swupdate.yml overlap in
> some cases. Clarify their use by moving all efibootguard related
> configuration to efibootguard.yml. Configuration items corresponding
> with SWUpdate are moved to swupdate.yml. The option swupdate.yml is
> independent of the bootloader/cpu-architecture.
> 
> Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
> ---
>  doc/README.secureboot.md                    |  5 ++---
>  kas/opt/ebg-secure-boot-base.yml            |  2 ++
>  kas/opt/{ebg-swu.yml => efibootguard.yml}   | 12 ++++++------
>  kas/opt/{qemu-swupdate.yml => swupdate.yml} | 10 +++++++---
>  4 files changed, 17 insertions(+), 12 deletions(-)
>  rename kas/opt/{ebg-swu.yml => efibootguard.yml} (66%)
>  rename kas/opt/{qemu-swupdate.yml => swupdate.yml} (52%)
> 
> diff --git a/doc/README.secureboot.md b/doc/README.secureboot.md
> index 0996edc..b5056f2 100644
> --- a/doc/README.secureboot.md
> +++ b/doc/README.secureboot.md
> @@ -142,7 +142,7 @@ Build the image with a signed efibootguard and unified kernel image
>  with the snakeoil keys by executing:
>  
>  ```
> -kas-container build kas-cip.yml:kas/board/qemu-amd64.yml:kas/opt/ebg-swu.yml:kas/opt/ebg-secure-boot-snakeoil.yml
> +kas-container build kas-cip.yml:kas/board/qemu-amd64.yml:kas/opt/ebg-secure-boot-snakeoil.yml
>  ```
>  
>  For user-generated keys, create a new option file in the repository. This option file could look like this:
> @@ -150,7 +150,6 @@ For user-generated keys, create a new option file in the repository. This option
>  header:
>    version: 10
>    includes:
> -   - kas/opt/ebg-swu.yml
>     - kas/opt/ebg-secure-boot-base.yml
>  
>  local_conf_header:
> @@ -169,7 +168,7 @@ need to stored in the folder `recipes-devtools/ebg-secure-boot-secrets/files`.
>  Build the image with user-generated keys by executing the command:
>  
>  ```
> -kas-container build kas-cip.yml:kas/board/qemu-amd64.yml:kas/opt/ebg-swu.yml:<path to the new option>.yml
> +kas-container build kas-cip.yml:kas/board/qemu-amd64.yml:<path to the new option>.yml
>  ```
>  
>  ### Start the image
> diff --git a/kas/opt/ebg-secure-boot-base.yml b/kas/opt/ebg-secure-boot-base.yml
> index 30ca35a..35fb42e 100644
> --- a/kas/opt/ebg-secure-boot-base.yml
> +++ b/kas/opt/ebg-secure-boot-base.yml
> @@ -11,6 +11,8 @@
>  
>  header:
>    version: 10
> +  includes:
> +   - efibootguard.yml
>  
>  local_conf_header:
>    initramfs: |
> diff --git a/kas/opt/ebg-swu.yml b/kas/opt/efibootguard.yml
> similarity index 66%
> rename from kas/opt/ebg-swu.yml
> rename to kas/opt/efibootguard.yml
> index 63dda09..544c740 100644
> --- a/kas/opt/ebg-swu.yml
> +++ b/kas/opt/efibootguard.yml
> @@ -8,19 +8,19 @@
>  #
>  # SPDX-License-Identifier: MIT
>  #
> +# This kas file adds efibootguard as the bootloader to the image
>  
>  header:
>    version: 10
>  
>  local_conf_header:
> -  swupdate: |
> -    IMAGE_INSTALL_append = " swupdate efibootguard"
> +  efibootguard: |
> +    IMAGE_INSTALL_append = " efibootguard"
> +
> +  efibootguard-swupdate: |
>      SWUPDATE_BOOTLOADER = "efibootguard"
>  
> -  efibootguard: |
> +  efibootguard-wic: |
>      WDOG_TIMEOUT = "0"
>      WICVARS += "WDOG_TIMEOUT"
>  
> -  wic: |
> -    IMAGE_TYPE = "wic-swu-img"
> -    WKS_FILE ?= "${MACHINE}-${SWUPDATE_BOOTLOADER}.wks"
> diff --git a/kas/opt/qemu-swupdate.yml b/kas/opt/swupdate.yml
> similarity index 52%
> rename from kas/opt/qemu-swupdate.yml
> rename to kas/opt/swupdate.yml
> index daebd2c..e622972 100644
> --- a/kas/opt/qemu-swupdate.yml
> +++ b/kas/opt/swupdate.yml
> @@ -8,12 +8,16 @@
>  #
>  # SPDX-License-Identifier: MIT
>  #
> -
> +# This kas file adds swupdate and generates a ${IMAGE_NAME}.swu
> +# from the first wic partition
>  
>  header:
>    version: 10
>  
>  local_conf_header:
> -  qemu-wic: |
> +  swupdate: |
> +    IMAGE_INSTALL_append = " swupdate"
> +
> +  wic-swu: |
>      IMAGE_TYPE ?= "wic-swu-img"
> -    WKS_FILE = "qemu-amd64-${SWUPDATE_BOOTLOADER}.wks"
> +    WKS_FILE = "${MACHINE}-${SWUPDATE_BOOTLOADER}.wks"
> 
> 

Thanks, applied to next.

Jan
diff mbox series

Patch

diff --git a/doc/README.secureboot.md b/doc/README.secureboot.md
index 0996edc..b5056f2 100644
--- a/doc/README.secureboot.md
+++ b/doc/README.secureboot.md
@@ -142,7 +142,7 @@  Build the image with a signed efibootguard and unified kernel image
 with the snakeoil keys by executing:
 
 ```
-kas-container build kas-cip.yml:kas/board/qemu-amd64.yml:kas/opt/ebg-swu.yml:kas/opt/ebg-secure-boot-snakeoil.yml
+kas-container build kas-cip.yml:kas/board/qemu-amd64.yml:kas/opt/ebg-secure-boot-snakeoil.yml
 ```
 
 For user-generated keys, create a new option file in the repository. This option file could look like this:
@@ -150,7 +150,6 @@  For user-generated keys, create a new option file in the repository. This option
 header:
   version: 10
   includes:
-   - kas/opt/ebg-swu.yml
    - kas/opt/ebg-secure-boot-base.yml
 
 local_conf_header:
@@ -169,7 +168,7 @@  need to stored in the folder `recipes-devtools/ebg-secure-boot-secrets/files`.
 Build the image with user-generated keys by executing the command:
 
 ```
-kas-container build kas-cip.yml:kas/board/qemu-amd64.yml:kas/opt/ebg-swu.yml:<path to the new option>.yml
+kas-container build kas-cip.yml:kas/board/qemu-amd64.yml:<path to the new option>.yml
 ```
 
 ### Start the image
diff --git a/kas/opt/ebg-secure-boot-base.yml b/kas/opt/ebg-secure-boot-base.yml
index 30ca35a..35fb42e 100644
--- a/kas/opt/ebg-secure-boot-base.yml
+++ b/kas/opt/ebg-secure-boot-base.yml
@@ -11,6 +11,8 @@ 
 
 header:
   version: 10
+  includes:
+   - efibootguard.yml
 
 local_conf_header:
   initramfs: |
diff --git a/kas/opt/ebg-swu.yml b/kas/opt/efibootguard.yml
similarity index 66%
rename from kas/opt/ebg-swu.yml
rename to kas/opt/efibootguard.yml
index 63dda09..544c740 100644
--- a/kas/opt/ebg-swu.yml
+++ b/kas/opt/efibootguard.yml
@@ -8,19 +8,19 @@ 
 #
 # SPDX-License-Identifier: MIT
 #
+# This kas file adds efibootguard as the bootloader to the image
 
 header:
   version: 10
 
 local_conf_header:
-  swupdate: |
-    IMAGE_INSTALL_append = " swupdate efibootguard"
+  efibootguard: |
+    IMAGE_INSTALL_append = " efibootguard"
+
+  efibootguard-swupdate: |
     SWUPDATE_BOOTLOADER = "efibootguard"
 
-  efibootguard: |
+  efibootguard-wic: |
     WDOG_TIMEOUT = "0"
     WICVARS += "WDOG_TIMEOUT"
 
-  wic: |
-    IMAGE_TYPE = "wic-swu-img"
-    WKS_FILE ?= "${MACHINE}-${SWUPDATE_BOOTLOADER}.wks"
diff --git a/kas/opt/qemu-swupdate.yml b/kas/opt/swupdate.yml
similarity index 52%
rename from kas/opt/qemu-swupdate.yml
rename to kas/opt/swupdate.yml
index daebd2c..e622972 100644
--- a/kas/opt/qemu-swupdate.yml
+++ b/kas/opt/swupdate.yml
@@ -8,12 +8,16 @@ 
 #
 # SPDX-License-Identifier: MIT
 #
-
+# This kas file adds swupdate and generates a ${IMAGE_NAME}.swu
+# from the first wic partition
 
 header:
   version: 10
 
 local_conf_header:
-  qemu-wic: |
+  swupdate: |
+    IMAGE_INSTALL_append = " swupdate"
+
+  wic-swu: |
     IMAGE_TYPE ?= "wic-swu-img"
-    WKS_FILE = "qemu-amd64-${SWUPDATE_BOOTLOADER}.wks"
+    WKS_FILE = "${MACHINE}-${SWUPDATE_BOOTLOADER}.wks"